Set up security update checks in CI #296

Open
@fyliu

Description

@fyliu

Overview

We need to set up something like PyUp once we're deployed so that we're up-to-date for security updates.

Details

PyUp is a tool that updates all your project's Python dependency files through Pull Requests on GitHub/GitLab. Its repo is currently inactive and the project was converted to a product called Safety. This issue will explore alternatives including but not limited to:

  • set up Dependabot to do the same
  • set up a GHA to run pip-tools to do the updates (just update, no information on whether anything is vulnerable).
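As an added example of the first alternative (not a file from this repository), a Dependabot version-update config that covers both the pinned Python requirements and the GitHub Actions used in CI. It assumes the requirements files live at the repository root; the `directory` values would need adjusting if they sit elsewhere.

```yaml
# .github/dependabot.yml (added example; assumes requirements files at repo root)
version: 2
updates:
  # Python dependencies (requirements*.txt / pyproject.toml in `directory`).
  - package-ecosystem: "pip"
    directory: "/"
    schedule:
      interval: "weekly"
      day: "monday"
    open-pull-requests-limit: 10
    labels:
      - "dependencies"
      - "feature: infrastructure"
    # Batch routine minor/patch bumps into a single PR so the team reviews
    # one update PR a week instead of one per package.
    groups:
      python-minor-and-patch:
        update-types:
          - "minor"
          - "patch"
    commit-message:
      prefix: "deps"

  # Keep the actions referenced in .github/workflows pinned and current too,
  # so the CI that runs the checks is itself kept up to date.
  - package-ecosystem: "github-actions"
    directory: "/"
    schedule:
      interval: "weekly"
```

This file drives scheduled version updates; the Dependabot security updates that open a PR when a pinned version has a known advisory are enabled separately in the repository's code security settings, and their PRs carry the advisory details in the description.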

Action Items

  • research alternatives and document in comments below
  • Summarize a recommendation in a comment
  • Review and get sign-off from
    • Lead dev
    • Product Lead
  • Deploy solution
    • If the solution involves deploying via GitHub actions
      • document in the GitHub actions page

Resources/Instructions

Metadata

Assignees

No one assigned

    Labels

      • complexity: medium (Straightforward but some complexity, e.g., involves multiple files)
      • feature: infrastructure (For changes on site technical architecture)
      • role: dev ops
      • s: PD team
      • stakeholder: People Depot Team
      • size: 2pt (Can be done in 7-12 hours)

    Projects

    Status

    📋Prioritized Backlog

    Development

    No branches or pull requests

    Issue actions